<?php

class HTSecurity {
	/* @var $myUtils Utils */
	public $myUtils;

	public function __construct() {}
	
	/**
	 * 
	 * this sets the utils class we'll need.
	 * had we passed by value the object would 
	 * have to clone itself creating more connections
	 * @param Utils &$myUtil
	 */
	public function setUtils(Utils $myUtil) {
		$this->myUtils = $myUtil;
	}

	
	public function hasPrivilege($myPrivilege) {
		$hasPrivs = false;

		
	}
	
	public function authenticateUser($myUsername, $myPassword) {
		$myUsername = strtolower($myUsername);
		if(!($this->myUtils->validEmail($myUsername))) {
			error_log("failed custom email check.");
			return false;
		}
		$userRecords = $this->myUtils->getUser($myUsername);
		if(count($userRecords) < 1) {
			error_log("user not found: " . $myUsername);
			return false;
		}
		$storedPwd = $userRecords[0]['u_password'];

		if(!($storedPwd == $myPassword)) {
			error_log("passwords didn't match");			
			return false;
		}
		return true;
	}
	
	public function isLoggedIn() {
		return isset($_SESSION['login_email']);
	}
	
	public function isAdmin() {
		return isset($_SESSION['isAdmin']);
	}
}
?>